Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/443C3AF2D3F611EFB03C5C14C4F9AE02.roa
File: 443C3AF2D3F611EFB03C5C14C4F9AE02.roa (raw, json)
Hash identifier: yjQDivJZ1s/I1gyM4tvZvat6RLwGZDHbtVct4nnyZGo=
Subject key identifier: 16:5C:93:0B:A4:81:B6:39:10:29:1F:89:0B:9A:5F:F8:02:69:10:5A
Certificate issuer: /CN=A9119333/serialNumber=699E6742567BE7329CC3A786DEB7857E2C2420F9
Certificate serial: 234D
Authority key identifier: 69:9E:67:42:56:7B:E7:32:9C:C3:A7:86:DE:B7:85:7E:2C:24:20:F9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZ5nQlZ75zKcw6eG3reFfiwkIPk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/443C3AF2D3F611EFB03C5C14C4F9AE02.roa
Signing time: Sun 01 Mar 2026 15:28:17 +0000
ROA not before: Fri 02 May 2025 16:23:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45650
IP address blocks: 43.245.84.0/22 maxlen: 24
45.64.114.0/24 maxlen: 24
45.64.115.0/24 maxlen: 24
103.10.28.0/22 maxlen: 24
103.41.172.0/22 maxlen: 24
103.129.132.0/22 maxlen: 24
110.44.112.0/20 maxlen: 24
150.107.106.0/23 maxlen: 24
2404:7c00::/48 maxlen: 48
2404:7c00:1::/48 maxlen: 48
2404:7c00:40::/44 maxlen: 44
2404:7c00:40::/48 maxlen: 48
2404:7c00:41::/48 maxlen: 48
2404:7c00:42::/48 maxlen: 48
2404:7c00:43::/48 maxlen: 48
2404:7c00:44::/48 maxlen: 48
2404:7c00:46::/48 maxlen: 48
2404:7c00:47::/48 maxlen: 48
2404:7c00:48::/48 maxlen: 48
2404:7c00:49::/48 maxlen: 48
2404:7c00:4a::/48 maxlen: 48
2404:7c00:4b::/48 maxlen: 48
2404:7c00:4d::/48 maxlen: 48
2404:7c00:4e::/48 maxlen: 48
2404:7c00:4f::/48 maxlen: 48
2404:7c00:50::/44 maxlen: 44
2404:7c00:51::/48 maxlen: 48
2404:7c00:52::/48 maxlen: 48
2404:7c00:53::/48 maxlen: 48
2404:7c00:60::/44 maxlen: 44
2404:7c00:61::/48 maxlen: 48
2404:7c00:62::/48 maxlen: 48
2404:7c00:63::/48 maxlen: 48
2404:7c00:64::/48 maxlen: 48
2404:7c00:65::/48 maxlen: 48
2404:7c00:70::/44 maxlen: 44
2404:7c00:80::/44 maxlen: 44
2404:7c00:81::/48 maxlen: 48
2404:7c00:100::/40 maxlen: 48
2404:7c00:7c00::/44 maxlen: 44
2404:7c00:7c10::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/aZ5nQlZ75zKcw6eG3reFfiwkIPk.crl
rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/aZ5nQlZ75zKcw6eG3reFfiwkIPk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZ5nQlZ75zKcw6eG3reFfiwkIPk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:23:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9037 (0x234d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9119333, serialNumber=699E6742567BE7329CC3A786DEB7857E2C2420F9
Validity
Not Before: May 2 16:23:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a45b10-c946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:78:df:a0:8c:78:28:a2:e8:16:9b:0d:d9:94:
93:b7:4f:d6:6a:c6:40:08:5b:d7:f1:4c:95:5a:5a:
00:cf:6b:7f:63:fc:c6:d7:46:db:09:bb:53:48:da:
36:4c:6e:31:ed:5d:4c:c4:f6:f6:48:50:5b:b4:1d:
4d:da:5c:b9:85:07:86:d8:5d:ce:81:08:cf:09:10:
4f:d6:da:08:19:3d:22:47:fb:e5:06:e5:02:c9:66:
ff:bd:27:63:e7:56:2e:80:56:ae:98:d2:3a:50:62:
1d:7f:00:61:99:67:3a:a8:5b:8b:d1:99:41:7a:20:
05:8b:d7:dc:13:c8:62:a2:3a:ea:88:f1:43:e4:e4:
a7:7a:3d:90:75:3a:d9:38:fb:9e:85:f9:46:0d:ea:
2d:c7:f8:b7:a2:fc:46:96:f1:0a:a5:1e:d9:10:ad:
28:d8:6d:02:22:08:46:49:7f:fe:dc:56:9b:17:bb:
34:ff:f3:de:6f:dc:94:5c:71:ec:70:59:73:87:d3:
cc:b8:1d:aa:92:28:74:c1:83:1a:9e:be:97:24:7f:
ef:6c:c8:85:9d:41:fc:b9:15:55:d8:7f:14:6a:bc:
98:b9:b2:bf:12:9b:71:75:31:45:f6:18:ba:78:0f:
0a:62:ce:d5:16:40:d9:a5:a8:5a:b8:46:c4:fa:a6:
10:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:5C:93:0B:A4:81:B6:39:10:29:1F:89:0B:9A:5F:F8:02:69:10:5A
X509v3 Authority Key Identifier:
keyid:69:9E:67:42:56:7B:E7:32:9C:C3:A7:86:DE:B7:85:7E:2C:24:20:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/aZ5nQlZ75zKcw6eG3reFfiwkIPk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZ5nQlZ75zKcw6eG3reFfiwkIPk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/443C3AF2D3F611EFB03C5C14C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.245.84.0/22
45.64.114.0/23
103.10.28.0/22
103.41.172.0/22
103.129.132.0/22
110.44.112.0/20
150.107.106.0/23
IPv6:
2404:7c00::/47
2404:7c00:40::-2404:7c00:8f:ffff:ffff:ffff:ffff:ffff
2404:7c00:100::/40
2404:7c00:7c00::/43
Signature Algorithm: sha256WithRSAEncryption
9e:93:23:b3:2e:6b:10:98:af:00:d1:87:87:14:b2:9d:7f:32:
9d:2f:7b:62:a6:cd:89:a8:ee:5a:ca:9c:dc:e7:28:e6:65:c4:
c0:eb:c9:af:5f:91:d5:0c:72:20:9a:aa:f3:d5:3b:fe:c2:46:
1d:9f:51:88:17:8e:60:db:3f:d2:16:d2:c8:6f:78:e9:bd:bf:
5b:7c:bc:8d:b3:88:12:30:55:73:ed:ed:0e:12:00:d9:dc:8b:
70:4f:2f:62:d9:cb:78:99:36:d3:c7:4c:7b:db:81:f3:08:d7:
c8:69:1e:1b:de:76:28:d9:bb:e8:03:89:77:92:b0:72:38:a9:
45:f1:f8:39:44:50:8f:60:3e:bc:49:83:f6:ed:7d:f9:ce:c4:
71:5d:a5:a8:a2:c6:a1:85:b9:35:3d:0b:42:2c:a8:9e:0e:0f:
79:32:ff:61:d2:11:2f:88:1d:f4:ab:e1:75:bf:3d:23:23:93:
eb:a6:29:b6:6a:54:56:e4:b9:46:ea:04:25:0d:00:71:77:61:
0b:5d:c4:81:69:4b:01:c8:68:aa:76:fc:f4:1b:02:42:f2:04:
48:cb:8e:fc:3e:d8:85:39:71:44:c1:ec:7f:a1:db:f9:ae:2e:
8a:ec:49:be:6e:d7:a3:59:53:82:7e:72:43:2b:55:42:1c:a5:
05:6a:98:64
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgICI00wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTkzMzMxMTAvBgNVBAUTKDY5OUU2NzQyNTY3QkU3MzI5Q0MzQTc4NkRFQjc4NTdF
MkMyNDIwRjkwHhcNMjUwNTAyMTYyMzUzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NWIxMC1jOTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtXjfoIx4KKLoFpsN2ZSTt0/WasZACFvX8UyVWloAz2t/Y/zG10bbCbtTSNo2
TG4x7V1MxPb2SFBbtB1N2ly5hQeG2F3OgQjPCRBP1toIGT0iR/vlBuUCyWb/vSdj
51YugFaumNI6UGIdfwBhmWc6qFuL0ZlBeiAFi9fcE8hiojrqiPFD5OSnej2QdTrZ
OPuehflGDeotx/i3ovxGlvEKpR7ZEK0o2G0CIghGSX/+3FabF7s0//Peb9yUXHHs
cFlzh9PMuB2qkih0wYManr6XJH/vbMiFnUH8uRVV2H8UaryYubK/EptxdTFF9hi6
eA8KYs7VFkDZpahauEbE+qYQcwIDAQABo4ICujCCArYwHQYDVR0OBBYEFBZckwuk
gbY5ECkfiQuaX/gCaRBaMB8GA1UdIwQYMBaAFGmeZ0JWe+cynMOnht63hX4sJCD5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTMzMy8wNjVEQTNCQUI4
NDQxMUU1QjUzNTdCMkZDNEY5QUUwMi9hWjVuUWxaNzV6S2N3NmVHM3JlRmZpd2tJ
UGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FaNW5RbFo3NXpLY3c2ZUczcmVGZml3a0lQay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTkzMzMvMDY1REEzQkFCODQ0MTFFNUI1MzU3QjJGQzRGOUFFMDIvNDQzQzNBRjJE
M0Y2MTFFRkIwM0M1QzE0QzRGOUFFMDIucm9hMHkGCCsGAQUFBwEHAQH/BGowaDAw
BAIAATAqAwQCK/VUAwQBLUByAwQCZwocAwQCZymsAwQCZ4GEAwQEbixwAwQBlmtq
MDQEAgACMC4DBwEkBHwAAAAwEgMHBiQEfAAAQAMHBCQEfAAAgAMGACQEfAABAwcF
JAR8AHwAMA0GCSqGSIb3DQEBCwUAA4IBAQCekyOzLmsQmK8A0YeHFLKdfzKdL3ti
ps2JqO5aypzc5yjmZcTA68mvX5HVDHIgmqrz1Tv+wkYdn1GIF45g2z/SFtLIb3jp
vb9bfLyNs4gSMFVz7e0OEgDZ3ItwTy9i2ct4mTbTx0x724HzCNfIaR4b3nYo2bvo
A4l3krByOKlF8fg5RFCPYD68SYP27X35zsRxXaWoosahhbk1PQtCLKieDg95Mv9h
0hEviB30q+F1vz0jI5Prpim2alRW5LlG6gQlDQBxd2ELXcSBaUsByGiqdvz0GwJC
8gRIy478PtiFOXFEwex/odv5ri6K7Em+btejWVOCfnJDK1VCHKUFaphk
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:43:30 2026 by rpki-client